United States Patent and Trademark Ofhce 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark OtBce 

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



10/659,774 09/10/2003 Hei 

10945 7590 10/26/2011 

NOKIA CORPORATION 

c/o Ware, Fressola, Van Der Sluys & Adolphson LLP 
Building Five, Bradford Green 
755 Main Street, PO Box 224 
Monroe, CT 06468 



DAILEY, THOMAS J 



PAPER NUMBER 



DELIVERY MODE 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 



United States Patent and Trademark Office 



Commissioner for Patents 
United States Patent and Trademarl< Office 
P.O. Box 1450 
Alexandria, VA 22313-1450 

www.uspto.gov 



BEFORE THE BOARD OF PATENT APPEALS 
AND INTERFERENCES 



Application Number: 10/659,774 
Filing Date: September 10, 2003 
Appellant(s): HAVERINEN ET AL. 



Keith R. Obert 
For Appellant 



EXAMINER'S ANSWER 



This is in response to the appeal brief filed 6/27/201 1 appealing from the Office action 
mailed 1/4/2011. 
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(1) Real Party in Interest 

A statement identifying by name the real party in interest is contained in the brief. 

(2) Related Appeals and Interferences 

The examiner is not aware of any related appeals, interferences, or judicial 
proceedings which will directly affect or be directly affected by or have a bearing on the 
Board's decision in the pending appeal. 

(3) Status of Claims 

The statement of the status of claims contained in the brief, as stated 
supplemental filling of 7/25/201 1 , is correct. 

(4) Status of Amendments After Final 

The examiner has no comment on the appellant's statement of the status of 
amendments after final rejection contained in the brief. 

(5) Summary of Claimed Subject Matter 

The examiner has no comment on the summary of claimed subject matter 
contained in the brief. 
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(6) Grounds of Rejection to be Reviewed on Appeal 

The examiner has no comment on the appellant's statement of the grounds of 
rejection to be reviewed on appeal. Every ground of rejection set forth in the Office 
action from which the appeal is taken (as modified by any advisory actions) is being 
maintained by the examiner except for the grounds of rejection (if any) listed under the 
subheading "WITHDRAWN REJECTIONS." New grounds of rejection (If any) are 
provided under the subheading "NEW GROUNDS OF REJECTION." 

(7) Claims Appendix 

The examiner has no comment on the copy of the appealed claims contained In 
the Appendix to the appellant's brief. 

(8) Evidence Relied Upon 

2003/0176188 O'Neill 9-2003 

2002/0133719 Westerdal 9-2002 

2003/0163733 Barriga-Caceres et al 8-2003 
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(9) Grounds of Rejection 

The following ground(s) of rejection are applicable to the appealed claims: 
Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary sl<ill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



2. Claims 1 , 4, 7, 1 0, 1 3-1 5, 20-21 , and 24-29 are rejected under 35 U.S.C. 1 03(a) 
as being unpatentable over O'Neill (US Pub. No. 2003/0176188) in view of 
Westerdal (US Pub. No. 2002/0133719). 

3. As to claim 1 , O'Neill discloses a method, comprising: 

receiving a request for full authentication of a terminal ([0031], lines 1 -8, every 
mobile device (terminal or end node) will have a home AAA server (see Fig. 1 ), 
at this home AAA server will be stored service profiles that inherently require full 
authentication of that particular mobile device); 

transmitting to the terminal a reauthentication identity including a unique 
realm name uniquely identifying an authentication server ([0053], lines 13-17, the 



Application/Control Number: 10/659,774 Page 6 

Art Unit: 2452 

NAI (reauthentication identity) of any end node (terminal) includes a realm name 
and identifies the home authentication server; it is essential that the realm name 
is transmitted to the mobile device); 

receiving a request for reauthentication from the terminal, the request for 
reauthentication Including the reauthentication Identity Including the unique realm 
name uniquely Identifying the authentication server ([0053], lines 13-23, any end 
node (terminal) sending an authentication request identifying its home 
authentication server (via a "reauthentication identity") reads upon "a request for 
reauthentication" as the end node was previously authorized by it's home 
authentication server, as that server stores it's service profile); 

wherein the request for reauthentication is routed to the authentication server 
according to the unique ream name included in the request for reauthentication 
([0053], lines 16-23). 

But, O'Neill may not explicitly disclose the transmission to the terminal of the 
reauthentication identity is in response to the request for the full authentication of 
terminal. Rather, O'Neill simply discloses the terminal has a reauthentication 
identity and is full authenticated, but is silent in regards to the order in which 
those steps occur. 

However, Westerdal discloses transmitting a reauthentication Identity to a 
terminal in response to an authentication request ([0037], client receives a new 
ARID which identifies the authentication server (see for example, [0036], lines 5- 
9); further this is a reauthentication identity as it is used in subsequent 
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authentications as described in [0036], i.e. if the cookie contains a known ARID 
has already gone through the processes described in [0037])). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of O'Neill and Westerdal because 
the substitution of one known element (i.e. Westerdal's method of providing a 
reauthentication identity) for another would have yielded predictable results (fast 
reauthentication for network devices, i.e. the end result of both Westerdal and 
O'Neill) to one of ordinary skill in the art. 

4. As to claims 4, 7,13,1 5, and 20, they are rejected by the same rationale set 
forth in claim 1's rejection. 

5. As to claim 10, O'Neill discloses a system comprising: 

a first authentication server configured to receive a request for full 
authentication of a terminal ([0031], lines 1-8, every mobile device (terminal or 
end node) will have a home AAA server (first authentication server) (see Fig. 1), 
at this home AAA server will be stored service profiles that inherently require full 
authentication of that particular mobile device), and configured to transmit to the 
terminal a reauthentication identity including a unique realm name uniquely 
identifying the first authentication server ([0053], lines 13-17, the NAI 
(reauthentication identity) of any end node (terminal) includes a realm name and 
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identifies the home authentication server; that realm name inherently is 
transmitted to the mobile device); and 

a second authentication server configured to receive a request for 
reauthentication from the terminal, the request for reauthentication including the 
reauthentlcatlon Identity including the unique realm name identifying the first 
authentication service ([0053], lines 13-23, any end node (terminal) sending an 
authentication request identifying its home authentication server (via a 
"reauthentication identity") to a visited AAA server (second authentication server) 
reads upon "a request for reauthentication" as the end node was previously 
authorized by it's home authentication server, as that server stores it's service 
profile), and configured to route the request for reauthentication to the first 
authentication server according to the unique realm name identifying the first 
authentication server ([0053], lines 16-23). 

But, O'Neill may not explicitly disclose the transmission to the terminal of the 
reauthentication identity is in response to the request for the full authentication of 
terminal. Rather, O'Neill simply discloses the terminal has a reauthentication 
identity and is full authenticated, but is silent in regards to the order in which 
those steps occur. 

However, Westerdal discloses transmitting a reauthentication Identity to a 
terminal in response to an authentication request ([0037], client receives a new 
ARID which identifies the authentication server (see for example, [0036], lines 5- 
9); further this is a reauthentication identity as it is used in subsequent 
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authentications as described in [0036], i.e. if the cookie contains a known ARID 
has already gone through the processes described in [0037])). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of O'Neill and Westerdal because 
the substitution of one known element (i.e. Westerdal's method of providing a 
reauthentication identity) for another would have yielded predictable results (fast 
reauthentication for network devices, i.e. the end result of both Westerdal and 
O'Neill) to one of ordinary skill in the art. 

6. As to claims 27 and 29, O'Neill discloses a method for use by a terminal, they are 
rejected by the same rationale set forth in claim 10's rejection 

7. As to claim 24, O'Neill discloses wherein the authentication network element is 
an authentication server (Fig. 5, label 114). 

8. As to claim 25, O'Neill discloses wherein the authentication network element is a 
proxy server (Fig. 5, label 135). 

9. As to claim 26, O'Neill discloses wherein the authentication network element is a 
service access point for authentication by an authentication server (Fig. 5, label 
128). 
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10. Claims 14 and 21 , are rejected under 35 U.S.C. 103(a) as being unpatentable 
over O'Neill in view of Westerdal as applied to claims 13 and 20 above, and in 
view of Barriga-Caceres et al (US Pub No. 2003/0163733), hereafter "Barriga." 

1 1 .As to claims 14 and 21 , O'Neill and Westerdal do not explicitly disclose wherein 
the means for transmitting to an authentication network element a request for 
reauthentication using the reauthentication identity including the unique realm 
name includes the reauthentication identity in an identity response packet 
according to an Extensible Authentication Protocol. 

However, Barriga discloses an authentication system (Abstract) that utilizes 
an Extensible Authentication Protocol ([0101]). 

Therefore it would have been obvious to one of ordinary skill in the art at the 
time of the invention to combine the teachings of O'Neill and Westerdal with 
Barriga in order to utilize a well-known protocol in the art that would allow 
O'Neill's system to be compatible with other, already deployed, systems. 

(10) Response to Argument 

The examiner summarizes the various points raised by the appellant and addresses 
replies individually. 

(1 ) The appellant argues with respect claim 1 that the combination of O'Neill and 
Westerdal fails to disclose or suggest "transmitting a reauthentication identity to a 
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terminal in response to a request for full authentication". Specifically, the appellant 
contends O'Neill fails to disclose transmitting to a terminal a reauthentication identity at 
all, let alone in response to a request. The appellant asserts O'Neill (in [0053]) only 
discloses that the mobile node ("terminal") may send an identity to the network, since 
message 550 is directed towards the Remote Home Agent 11 2 of the MN 202 in the 
home domain 1 102, but it is first sent to the access router 128 as message 550a and it 
is then sent to the remote home agent 1 1 2 as message 550b. That message 550 
includes a network access identifier ("reauthentication identity") having a user part and a 
realm part, however the message 550 is sent towards the Remote Home Agent 112, 
and therefore is not transmitted to the terminal, as recited in claim 1 . 

In reply to argument (1), O'Neill discloses transmitting to the terminal a 

reauthentication identity including a unique realm name uniquely identifying an 
authentication server ([0053], lines 13-17, the NAI (reauthentication identity) of any end 
node (terminal) includes a realm name and identifies the home authentication server 
("unique realm name"); it is essential that the realm name is transmitted to the mobile 
device). That is, O'Neill discloses transmission of a reauthentication identity to a 
terminal in a broad sense, but, O'Neill may not explicitly disclose the transmission to the 
terminal of the reauthentication identity is in response to the request for the full 
authentication of terminal. One of ordinary skill in the art would appreciate and see that 
the mobile node ("the terminal") of [0053], at some point in the 

authentication/authorization process with the home AAA server, will receive that server's 
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identity. Simply put, how else would that particular mobile node be aware of its home 
AAA server, a server that has already in fact authenticated the device? O'Neill is 
seemingly silent with this original authentication/authorization because O'Neill is more 
concerned with the roaming and reauthentication of the mobile nodes when they are 
away from their home AAA server (see Abstract, [0010]-[0012]) and this is why O'Neill 
reads on the remainder of the claim which deals with these reauthentication requests. 

The Westerdal reference was relied upon to disclose transmission in response to 
a specific request as elaborated on below in response to argument (2). 

(2) The appellant contends that Westerdal fails to make up for the perceived 
deficiencies of O'Neill as Westerdal is silent regarding any reauthentication that includes 
a reauthentication identity with a unique realm name uniquely identifying the 
authentication server, and that the request for reauthentication is routed to the 
authentication server according to the unique realm name included in the request for 
reauthentication, as recited in claim 1 . 

In reply to argument (2), the examiner notes one cannot show nonobviousness by 
attacking references individually where the rejections are based on combinations of 
references as O'Neill was replied upon to disclose a reauthentication identity with a 
unique realm name uniquely identifying the authentication server and the request for 
reauthentication is routed to the authentication server according to the unique realm 
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name, see Grounds of Rejections. See In re Keller, 642 F.2d 413, 208 USPQ 871 
(CCPA 1981); In re Merck & Co., 800 F.2d 1091, 231 USPQ 375 (Fed. Cir. 1986). 

Specifically with regard to the combination of O'Neill and Westerdal, O'Neill 
disclosed the claimed invention aside from the transmission to the terminal of the 
reauthentication Identity is in response to the request for the full authentication of 
terminal (see response to argument (1) and Grounds of Rejection for the remainder of 
the claim). Rather, O'Neill discloses at least the terminal has a reauthentication identity 
with a unique realm name and the terminal is fully authenticated, but is silent in regards 
to the order In which those steps occur. 

Westerdal was relied upon to disclose transmitting a reauthentication identity to a 
terminal in response to an authentication request ([0037], client receives a new APID 
which identifies the authentication server (see for example, [0036], lines 5-9)). Further 
this Is a reauthentication Identity as It Is used in subsequent authentications as 
described In [0036] (I.e. if the cookie contains a known APID then the client has already 
gone through the processes described in [0037]) and thus the client is being 
"reauthenticated." 

The appellant's remaining arguments hinge upon the above arguments. 
(11) Related Proceeding(s) Appendix 

No decision rendered by a court or the Board is identified by the examiner in the 
Related Appeals and Interferences section of this examiner's answer. 
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For the above reasons, it is believed tliat tine rejections sliould be sustained. 

Respectfully submitted, 

/Thomas J Dailey/ 

Primary Examiner, Art Unit 2452 

Conferees: 

/DOHM CHANKONG/ 
Primary Examiner, Art Unit 2452 



/THU NGUYEN/ 

Supervisory Patent Examiner, Art Unit 2452 



